From: sco-security@caldera.com
Date: Tue Oct 09 2001 - 12:55:26 CDT


    To: bugtraq@securityfocus.com, security-announce@lists.securityportal.com, announce@lists.caldera.com, scoannmod@xenitec.on.ca

    Do not reply to this mail. This security advisory is being sent from a
    nonexistent address in order to avoid spam problems. Caldera's
    contact address for UNIX security issues is security-alert@caldera.com.

    ___________________________________________________________________________

                Caldera International, Inc. Security Advisory

    Subject: OpenServer: shell here-documents allow various security breaches
    Advisory number: CSSA-2001-SCO.24
    Issue date: 2001 October 9
    Cross reference:
    ___________________________________________________________________________

    1. Problem Description
            
            Shell here-document processing is vulnerable to a variety of
            security attacks.

    2. Vulnerable Versions

            Operating System        Version         Affected Files
            ------------------------------------------------------------------
            OpenServer              <= 5.0.6a       /bin/sh
                                                    /sbin/sh
                                                    /bin/csh
                                                    /bin/ksh
                                                    /usr/bin/euc/ksh
                                                    /usr/lib/scosh/utilbin/oash

    3. Workaround

            None.

    4. OpenServer

      4.1 Location of Fixed Binaries

            ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.24/

      4.2 Verification

            md5 checksums:
            
            76a2c883b71361ebb1180169e849734b shells.tar.Z

            md5 is available for download from

                    ftp://stage.caldera.com/pub/security/tools/

      4.3 Installing Fixed Binaries

            Upgrade the affected binaries with the following commands:

            # uncompress /tmp/shells.tar.Z
            # for i in /bin/csh /bin/ksh /bin/sh /sbin/sh /usr/bin/euc/ksh /usr/lib/scosh/utilbin/oash
            > do
            > mv $i ${i}-
            > done
            # cd /
            # tar xvf /tmp/shells.tar
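            The same section 4.3 procedure as an added example script (not
            Caldera's own), with the section 4.2 checksum check placed in
            front of it so that a corrupted or tampered archive is rejected
            before any shell is replaced. It assumes GNU md5sum and tar and an
            already uncompressed shells.tar; on OpenServer use Caldera's md5
            tool from section 4.2 instead, and the ROOT argument exists only
            so the script can be exercised against a scratch directory.

```sh
#!/bin/sh
# Added example, not Caldera's script. EXPECTED_MD5 and SHELLS are the values
# published in sections 4.2 and 2 of CSSA-2001-SCO.24; everything else is assumed.
EXPECTED_MD5=76a2c883b71361ebb1180169e849734b
SHELLS="/bin/csh /bin/ksh /bin/sh /sbin/sh /usr/bin/euc/ksh /usr/lib/scosh/utilbin/oash"

# md5_of FILE: print only the hex digest (GNU md5sum output is "digest  name")
md5_of() {
    md5sum "$1" | cut -d' ' -f1
}

# verify_md5 EXPECTED FILE: exit 0 when the digest matches, 1 otherwise
verify_md5() {
    [ "$(md5_of "$2")" = "$1" ]
}

# backup_shells ROOT: rename each affected shell under ROOT to NAME-, the
# advisory's own convention, so the old binary can be restored; skip absent ones
backup_shells() {
    root=${1:-}
    for s in $SHELLS; do
        [ -f "$root$s" ] || continue
        mv "$root$s" "$root$s-" || return 1
    done
}

# install_shells TARBALL EXPECTED ROOT: refuse on checksum mismatch (exit 2),
# otherwise back up the installed shells and extract the tar over ROOT
install_shells() {
    tarball=$1
    expected=${2:-$EXPECTED_MD5}
    root=${3:-}
    if ! verify_md5 "$expected" "$tarball"; then
        echo "checksum mismatch for $tarball; not installing" >&2
        return 2
    fi
    backup_shells "$root" || return 1
    (cd "${root:-/}" && tar xf "$tarball")
}
```

            Run as root with `install_shells /tmp/shells.tar` after
            `uncompress /tmp/shells.tar.Z`; a non-zero exit means nothing was
            replaced.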

    5. References

            http://www.kb.cert.org/vuls/id/10277

            This and other advisories are located at
                    http://stage.caldera.com/support/security

            This advisory addresses Caldera Security internal incident
            sr847825.

    6. Disclaimer

            Caldera International, Inc. is not responsible for the misuse
            of any of the information we provide on our website and/or
            through our security advisories. Our advisories are a service
            to our customers intended to promote secure installation and
            use of Caldera International products.

    7. Acknowledgements

            The original discoverer of this vulnerability was Gordon Irlam
            of the University of Adelaide, Australia.

             
    ___________________________________________________________________________
